{"title":"CipherDM: Secure Three-Party Inference for Diffusion Model Sampling","authors":"Xin Zhao, Xiaojun Chen, Xudong Chen, He Li, Tingyu Fan, Zhendong Zhao","doi":"arxiv-2409.05414","DOIUrl":null,"url":null,"abstract":"Diffusion Models (DMs) achieve state-of-the-art synthesis results in image\ngeneration and have been applied to various fields. However, DMs sometimes\nseriously violate user privacy during usage, making the protection of privacy\nan urgent issue. Using traditional privacy computing schemes like Secure\nMulti-Party Computation (MPC) directly in DMs faces significant computation and\ncommunication challenges. To address these issues, we propose CipherDM, the\nfirst novel, versatile and universal framework applying MPC technology to DMs\nfor secure sampling, which can be widely implemented on multiple DM based\ntasks. We thoroughly analyze sampling latency breakdown, find time-consuming\nparts and design corresponding secure MPC protocols for computing nonlinear\nactivations including SoftMax, SiLU and Mish. CipherDM is evaluated on popular\narchitectures (DDPM, DDIM) using MNIST dataset and on SD deployed by diffusers.\nCompared to direct implementation on SPU, our approach improves running time by\napproximately 1.084\\times \\sim 2.328\\times, and reduces communication costs by\napproximately 1.212\\times \\sim 1.791\\times.","PeriodicalId":501332,"journal":{"name":"arXiv - CS - Cryptography and Security","volume":"5 1","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2024-09-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"arXiv - CS - Cryptography and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/arxiv-2409.05414","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
Diffusion Models (DMs) achieve state-of-the-art synthesis results in image
generation and have been applied to various fields. However, DMs sometimes
seriously violate user privacy during usage, making the protection of privacy
an urgent issue. Using traditional privacy computing schemes like Secure
Multi-Party Computation (MPC) directly in DMs faces significant computation and
communication challenges. To address these issues, we propose CipherDM, the
first novel, versatile and universal framework applying MPC technology to DMs
for secure sampling, which can be widely implemented on multiple DM based
tasks. We thoroughly analyze sampling latency breakdown, find time-consuming
parts and design corresponding secure MPC protocols for computing nonlinear
activations including SoftMax, SiLU and Mish. CipherDM is evaluated on popular
architectures (DDPM, DDIM) using MNIST dataset and on SD deployed by diffusers.
Compared to direct implementation on SPU, our approach improves running time by
approximately 1.084\times \sim 2.328\times, and reduces communication costs by
approximately 1.212\times \sim 1.791\times.